Coinbase is moving to significantly expand the number of digital assets listed on its platform – a process that has led to a radical rethinking of how the startup safeguards billions of dollars worth of cryptocurrencies.
To this end, Coinbase moved retail traders’ crypto assets – worth some $5 billion – into its upgraded storage model last week. According to the company, that migration included 5 percent of all bitcoin, 8 percent of all ethereum, and 25 percent of all the litecoin in circulation, respectively.
Phillip Martin, Coinbase’s head of security, told CoinDesk that the migration process took roughly four months to plan.
“This was a fundamentally new architecture from the ground up,” he said, explaining:
It all began with a new key generation process in October, through which the Coinbase team goes to a secure location with new computers and prints out keys that are then split up using formats that include scannable QR codes.
“We take the private key and apply a cryptographic technique called Shamir’s Secret Sharing, which is an algorithm that’s used to take a piece of private data and split it into a bunch of chunks you can divide,” Martin said. “There’s a threshold splitting system because you can define a threshold by less than the total number of pieces that are sufficient to reconstruct the original.”
The binders full of billions of dollars worth of keys are then divided among various secure locations, requiring multiple Coinbase employees to work together over the phone in order to unlock the cryptocurrency.
While many other bitcoin custodians prefer to rely on multi-signature wallets – rather than a single key divided into parts – Coinbase devised this strategy to accommodate assets that don’t yet work with multisig wallets.
Expansion ahead
Coinbase may have applied this process to the highest volume of assets to date, but the institutional custodian BitGo has also used key sharding in custody solutions for diverse tokens.
BitGo CEO Mike Belshe told CoinDesk his startup won't support any asset that can't accommodate a multisig custody model.
"In the case of ethereum, which does not support on-chain multisig, we are able to support ethereum by using multisig through smart contracts,” Belshe said, adding that BitGo simultaneously uses both key sharding and a multisig approach. “We’re looking for a much more robust custodial process that is really strong, rather than having a lot of breadth."
BitGo’s VP of product marketing, Robin Verderosa, said BitGo and Coinbase follow similar reporting and compliance strategies, which could open the door for both companies to add support for new assets and policies in the following months.
“The regulators had to go very deep into our cold storage solutions,” she said.
Looking ahead, insurance providers, auditors and compliance experts will continue to be an integral part of evaluating such processes, which Martin sees as a sign that the market is maturing.
And yet, one thing that makes Coinbase’s game plan unique is that the exchange company wanted a one-size-fits-all cold storage process that would pave the road for speedy expansions.
“When you’re dealing with $5 billion of crypto, based on the asset prices at that time, we can’t change the process as we go. You want to do it a way you know works every time,” Martin explained, going on to say:
Money origami image via Shutterstock